Here it is: the official lineup of AMD's Epyc processors, which will go toe to toe with Intel's Xeons that utterly dominate the data center world.
Epyc. That's not a typo. AMD's desktop and laptop chips are called Ryzen, and its server-class family is called Epyc. Welcome to the new AyyyyyyyMD. Both Ryzen and Epyc are built …

COMMENTS

That SEV mode looks really interesting

I hadn't heard about this before, thanks for the mention. Undoubtedly there is more work to do to be able to run VMs in zero-trust environments, but it is a big step in the right direction. Bravo, AMD!

Re: That SEV mode looks really interesting

This harks back to some work done a long time ago. AMD opened up Hypertransport, meaning that any old Tom, Dick or Harry could make silicon that could plug into an AMD socket.

And people did, well, at least they did FPGA modules that could plug into a second CPU slot. I'm sure that one of the things someone did was to turn the FPGA into a RAM encrypter. Looks like AMD have moved that functionality over into the main CPU's memory controller.

It's an interesting idea that the hypervisor cannot see inside the VM. The IT security researchers won't like that particularly - they use VMs as a way of studying viruses, trojans, etc, relying on the hypervisor being an unseen God mode stealthy observer of whatever happens inside the VM. Meanwhile the malware writers go to a lot of effort to ensure that their malware detects a virtual environment and deletes itself, to prevent the whitehats unpicking the malware.

However, if SEV mode becomes commonplace, it might give the malware writers an unexpected advantage; the whitehats might no longer be able to see inside the VMs...

Re: That SEV mode looks really interesting

They just have to not check the box for encryption.

Fine, provided the hypervisor writers remember to make that a checkable option...

On the topic of hypervisors, it does open up a new avenue for malware. Malware could stand up its own hypervisor, with encryption enabled, or use a hypervisor offered by the host OS, and run its paylaod in that VM. There's then nothing the host OS could do about looking inside that VM. There's plenty of reasons why malware wants discreet, unobservable runtime on someone else's hardware.

Re: That SEV mode looks really interesting

"The researchers create and run the VMs they use to study malware. They just have to not check the box for encryption."

But the client OS can presumably detect whether that box was checked. Otherwise the system is worthless because you still have to trust the person hosting your VM when they say "I ticked it, honest.". Of course, you then need some kind of way for a client to know that the VMM isn't virtualising the instructions that you are using to detect whether they checked that box. I'm not sure where it all ends.

Perhaps the more important thing is that hopefully they've not made the mistake Intel did - connecting a system management microcontroller running an opaque binary blob with complete access to everything to the machine's Ethernet, and then finding that they'd fucked it up...

Re: Epyc 7351P @ $700

@analyzer: What I'm getting at - assuming these Epyc prices are accurate - is that this gives a ballpark figure for for the cost of a 16c/32t Threadripper. I can't see AMD pricing a Threadripper (at the same Epyc 7351P base frequency) higher than an Epyc 7351P, particularly as the Epyc 7351P includes a range of technologies that won't be included/enabled in Threadripper. Perhaps if the Threadripper is clocked significantly higher than the Epyc 7351P (while still maintaining sensible thermals) then it might allow AMD to charge a slightly higher premium, but not much more.

@John Pombrio: I wouldn't have thought 2.4GHz x 32 threads (Epyc 7351P or Threadripper) would be too slow for a HEDT, maybe slow for a gaming rig, but for a headless build system that spends all day compiling it could be pretty sweet!

EPYC TDP explained here. "TDP's aren't everything"

"From a power efficiency perspective moving data around is a great way to burn power. This is why we often see a focus on increasing cache sizes and reducing the need to physically move data around inside of modern chips. Given this point of reference one could see EPYC’s epic focus on I/O as a conscious attempt to build a chip that burns most of its Watts not on number crunching but on data movement."

SEV sounds like what you need for "The Cloud"

You provide the app, "They" provide the cores to process it.

Huge caveats. Can (has?) the memory encryption processor code been independently audited or is open source? Can the Hypervisor UI be trusted (IE when you click "encrypted" on the setup options it is actually enabled)?

We've seen the f**kup Intel supplied with it's MIPS based unit that appeared to have just been cut N pasted in wholesale, along with its software.

An interesting legal question. Could the USG declare such systems illegal as it would spoil the NSA's ability to snoop

Don't show these processors to Theresa May!

These processors (and their designers) are giving an "abhorrent"+ two finger salute to Theresa May / Amber Rudd's "simplistic, we're the good guys, you're the bad guys, nonsense" regards backdoors into encryption.*

Some good, well thought out design here.

*assuming they don't have a backdoor/vunerability, that is, at the hw level.

Re: Will They Look as Good on 11th July?

It's definitely interesting competition

I do wonder how Epyc will compete at the higher clock rates, the nearest apples to apples configuration shows a 20% increase over the equivalent Intel part, which is impressive if true. It'll shake up the market regardless, which is no bad thing..

Looks very interesting for FreeNAS ... if an affordable version is ever provided

I already had to move to a larger Intel server mobo to support 32GB Parity RAM; my next FreeNAS box build, in about 2 to 3 years time, will probably require 64GB Parity RAM. It'd be nice if I didn't have to scrap any more mobos for having inadequate RAM expansion.

Re: Software licensing costs will make this a winner

SPLA licensing on Microsoft is per-core. For example, if you license Windows it's for a minimum of 8 cores per machine, then increasing 2 at a time. Hence, it may be cheaper to buy, and faster than the Xeon part, but if it costs twice as much each month to run software on it then it's hobbled before you start.

This licensing model has hurt AMD in the past for server CPUs. Great to see some competition though, and anyone licensing per socket is golden.

Retail availability?

Sensation within chip design!

From Reddit: "Thanks to Infinity Fabric and to high yelds, AMD is using 99,9% of Ryzen Die. WOW!"

That are remarkably high yields. That explains why AMD can kick the butt out of Intel performancewise _and_ have lower prices _and_ still be more profitable than Intel. Normally if you cut price, you cut profit. Not in this case. AMD has no market share in the very lucrative server segment, so AMD's market share can only increase and Intel can only loose market share.

This means that when the financial markets see the first AMD reports in a few months of how much server CPUs they are selling and see AMD's profit margin, the AMD stock price will surely ryze. Epyc will start to deliver in July. So the quarter after that, we will see the first profit reports. Those numbers will be epyc!

Also, dont forget the VEGA gpus that are reportedly faster than GTX 1080, and cheaper. But we dont know if VEGA is faster than GTX 1080 Ti.

"AMD has split its Epyc SKUs into dual and single socket classes – they can be used in either configuration, though, unless they are a P-coded SKU, and a couple appear twice because they straddle both classes. So, for example, AMD recommends using the 7301 in a dual-socket system as an alternative to a pair of $800-plus Intel Xeon E5-2640 v4s, and the 7551P in a single-socket server versus a pair of Xeon E5-2650 v4s."

I cannot find clarity on this. Surprisingly, as its a very common scenario I hear - future proofing with an unused second socket on the chosen mobo.

Part of the reason for 2P popularity is simply adding more cpu grunt later if needed.